| Deutsch English Français Italiano |
|
<uu9aqc$12m8k$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Chris Ahlstrom <OFeem1987@teleworm.us>
Newsgroups: comp.os.linux.advocacy
Subject: Re: Fedora Rawhide
Date: Sat, 30 Mar 2024 11:23:54 -0400
Organization: None
Lines: 29
Message-ID: <uu9aqc$12m8k$1@dont-email.me>
References: <l6p43aFa7q1U6@mid.individual.net>
Reply-To: OFeem1987@teleworm.us
Injection-Date: Sat, 30 Mar 2024 15:23:57 +0100 (CET)
Injection-Info: dont-email.me; posting-host="031ec8965709af23e98d4ea7fefcd3e6";
logging-data="1136916"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/mEk3GXc8W9LNkqWXBmwRb"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:yLfiIgm8vGdHKYqC/c3J/PXlMXo=
X-Mutt: The most widely-used MUA
X-Slrn: Why use anything else?
X-User-Agent: Microsoft Outl00k, Usenet K00k Editions
Bytes: 1886
rbowman wrote this copyrighted missive and expects royalties:
> https://fedoramagazine.org/cve-2024-3094-security-alert-f40-rawhide/#more-40042
>
> The corrupt xz is not limited to Fedora but so far is confined to beta
> builds like Rawhide and not in released versions like Fedora 39.
>
> https://en.wikipedia.org/wiki/XZ_Utils
I see that it's date Apr 8 2022 (version 5.2.4) on the Ubuntu laptop, and
Mar 28 (version 5.6.1) on the Arch laptop.
https://fedoramagazine.org/cve-2024-3094-security-alert-f40-rawhide/#more-40042
The Fedora Project was made aware of CVE-2024-3094 on Friday, March 29th
related to the xz tools and libraries...
Hmmmm.
https://security.archlinux.org/CVE-2024-3094
AVG-2851 xz 5.6.0-1 5.6.1-2 Critical Fixed
Not yet updated via pacman.
--
There are more things in heaven and earth,
Horatio, than are dreamt of in your philosophy.
-- Wm. Shakespeare, "Hamlet"